SEPA

What is SEPA?

The Single Euro Payments Area, or SEPA, is an area in which consumers, companies and all other users of payment services can make and receive payments in euro under the same conditions and with the same rights and obligations, regardless of their location within Europe. SEPA covers 34 European countries: the 28 Member States of the European Union, as well as Iceland, Norway, Liechtenstein, Switzerland, Monaco and San Marino.

SEPA is also defined as an industry project and a political process, which both aim to remove the legal, commercial and technical barriers that currently still separate national payments markets.

Consumers and companies will become accustomed to common, basic,
similar-functioning payment instruments and services in euro, with
which they can reach any payment account holder in order to make or
receive payments in euro. Payment service users will be able to
compare conditions and quality and choose the most attractive offer,
without having to take into account the location of the payment
service provider. All payment service providers are subject to
EU-wide legal requirements and obligations, mainly
under the Payment Services Directive, Regulation (EC) No 924/2009
and Regulation (EU) No 260/2012.

The payments industry is responsible for the creation of solutions
to remove technical and commercial barriers in the euro retail
payments market. The Eurosystem and the European Commission steer,
monitor and foster SEPA’s progress, both at the national and the
European levels. The legal foundations have been laid down by new
European legislation since 2001 in line with the
high-level objectives of Economic and Monetary Union.

SEPA is a long-term project (see timeline). An important milestone was
reached on 1 February 2014, the legal end date for migration to SEPA
credit transfers and SEPA direct debits in the euro area (there was
grace period until the 1 August 2014 for the processing of legacy
payments). The deadline for EU Member States with other currencies,
applicable to payments in euro, is 31 October 2016. The EU
regulations also require the use of certain common standards and
technical requirements, such as the use of International Bank
Account Numbers (IBAN) and the financial services messaging standard
ISO 20022 XML.

No, SEPA does not only cover the euro area. Market communities
outside the euro area have also adopted SEPA standards and practices
for their euro payments. However, legal coverage applies to the
countries within the EU/EEA only.

Can I initiate a SEPA credit transfer or a SEPA direct debit for a country located outside the SEPA countries?

No, this is not possible. SEPA credit transfers and SEPA direct debits are made in euro. They can only be made for a payment account located in a country in the Single Euro Payments Area. This area comprises the 28 Member States of the EU, as well as Iceland, Norway, Liechtenstein, Switzerland, Monaco and San Marino.

Can SEPA payments be processed in currencies other than euro?

No, SEPA payments can only be processed in euro.

Does SEPA make retail payments faster
everywhere in Europe?

Making retail payments faster, especially cross-border payments, was
one of the prime initial policy objectives of SEPA. This objective
has been clearly met for cross-border payments: since 1 January
2012, the Payment Services Directive has obligated all EU payment
service providers to adhere to strict time limits in the execution of their
payments (“D+1”). The impact of SEPA on the speed of execution of
retail payments at the national level will, however, be less
obvious, as, for instance, the starting conditions have varied
substantially across the different countries.

If national and cross-border SEPA payments
become one, am I free to choose any payment service provider in the
EU?

In principle, yes. SEPA companies and consumers are free to choose
the location of their payment account; they should, therefore, be
able to make their choices based on the level of service and the
fees within a competitive European market for retail payment
services in euro.

How much do I have to pay for each SEPA
transaction? For instance, will the payments industry be able to
charge more for executing a SEPA credit transfer in euro to/from
another EU country than it would charge for a similar credit transfer
in euro at the national level?

Setting the actual level of charges is at the discretion of each
individual payment service provider and is subject to market
competition. Transparency vis-à-vis charges for the payment services
offered needs to be ensured by the providers: the Payment Services Directive details the
information to be given to users before the service is actually
used, including, inter alia, information on the processing times and
applicable charges.

Regulation (EC) No 924/2009 removes any
discrepancies between charges for cross-border and national payments
in euro. Payment service providers must apply equal charges to
comparable cross-border and domestic payments in euro within the EU.
This principle of equal charges was reinforced by the SEPA migration
end-date regulation, which has removed the €50,000 ceiling
previously set.

Regulation (EU) No 260/2012 establishes 1 February 2014 as the
official end date for migration to SEPA of the euro area countries
and 31 October 2016 for the other EU Member States. From these dates
on, all legacy credit transfers and national direct debits in euro
will be replaced by SEPA credit transfers and SEPA direct debits.
The regulation also requires the use of certain common standards and
technical requirements, such as the use of International Bank
Account Numbers (IBAN) and of the financial services messaging
standard ISO 20022 XML for all credit transfers and direct debits in
euro in the EU.

What was the purpose of Regulation (EU) No
260/2012 for SEPA?

The European payments industry has jointly developed payment
instruments that can be used all over Europe. Yet, the market
incentives to actually use them instead of national legacy
instruments were not strong enough to trigger significant migration
to SEPA. For the payments industry, the parallel operation and
processing of both national and SEPA credit transfer and direct
debit schemes is rather costly. Furthermore, the full benefits of
SEPA will only materialise once migration is complete. The
Eurosystem and several other major stakeholders, therefore, stressed
the need for the establishment of an end date to ensure full
migration from national credit transfer and direct debit schemes to
their SEPA alternatives.

Are there any exceptions or waivers for
compliance with Regulation (EU) No 260/2012?

Regulation (EU) No 260/2012 enabled EU Member States to establish
waivers for some specific requirements for a limited period of up to
two years. An overview of national options for waivers that were
actually enforced can be found on the website of the European Commission. The website of the
European Central Bank provides country-specific fact sheets on these
transitional waivers, on the competent national authorities and on
the penalty provisions.

What does the SEPA reachability requirement
mean?

Reachability refers to the obligation of payment service providers
to ensure that any payment account that can be used for sending or
receiving credit transfers and/or direct debits in euro at the
national level can also be used for sending or receiving equivalent
SEPA credit transfers and/or SEPA direct debits in euro.

As a business user, how can I know whether
the payment service provider for my business partner supports SEPA
credit transfers or SEPA direct debits?

According to the reachability requirement established under
Regulation (EU) No 260/2012, all payment service providers that
process legacy credit transfers or direct debits must also process
SEPA credit transfers or core SEPA direct debits, respectively.
However, reachability for business-to-business direct debits is only
optional. The European Payments Council manages the public registers
of all participants in SEPA credit transfers and SEPA direct debits.

Are there any other currencies, apart from
the euro, under the scope of Regulation (EU) No 260/2012?

Regulation (EU) No 260/2012 has made the
use of the ISO20022 XML message standard mandatory: i) between
payment service providers; and ii) for the bundled transmission of
credit transfers and direct debits in euro between business users
and their payment service providers; micro-enterprises (with less
than ten staff members and a turnover or a balance sheet total of up
to €2 million) and consumers are not subject to this requirement.

Member States may waive this requirement until 1 February 2016.
Information regarding those Member States that have opted for this
waiver can be found on the websites of the European Commission and the European Central Bank.

The ECB’s website: SEPA countries (links to national
information on SEPA and IBAN, overview of national SEPA fora,
national fact sheets on SEPA migration: transitional and penalty
provisions, national competent authorities, country-specific
migration indicators)

The European Commission’s website: SEPA migration (transitional provisions,
competent authorities and out-of-court and redress bodies based on
Regulation (EU) 260/2012, meeting documentation of the EU Forum of
national SEPA Coordination Committees)

The European Commission’s website: Cross-border payments in euro (application
of Regulation (EC) No 924/2009 on cross-border payments in euro and
its extension to the Swedish kronor and the Romanian lei, national
competent authorities and out-of court and redress bodies)

Who is responsible for which aspects of the
SEPA migration end-date regulation (Regulation (EU) No 260/2012)?

Under Regulation (EU) No 260/2012, the European
Commission, the European Parliament and the Council have defined end
dates for the migration to SEPA credit transfers and SEPA direct
debits. Each payment service user and each payment service provider
is responsible for being prepared by the migration end dates.
Designated national competent authorities are
responsible for ensuring compliance with the SEPA migration end-date
regulation at the national level. For the settlement of disputes
concerning the rights and obligations arising from the end-date
regulation between the payment service providers and their
customers, each Member State has established an out-of-court complaint and redress body.
The Court of Justice of the European Union is
ultimately responsible for the implementation and final
interpretation of the SEPA end-date regulation. The European Commission is entitled to adopt
delegated acts to amend the technical requirements detailed in the
annex of the end-date regulation, so as to take into account
technical progress and market developments.

The Eurosystem monitors and fosters migration
to the new payment instruments. It also encourages the payments
industry to further develop its SEPA offerings, making them
increasingly more attractive for users. The national ministries of
finance support SEPA through the ECOFIN Council and are, in most
countries, intrinsically involved in facilitating preparations for
and migration to SEPA at the national level, often in collaboration
with the national central banks.

What is an R-transaction?

Some credit transfer or direct debit transactions require
exceptional handling, because one of the parties involved does not
or cannot process them in the normal way owing to some external
factor or circumstance.

This exceptional handling involves the sending of exception
messages called R-transactions because their names all start with an
“R”: rejects, refusals, returns, refunds, reversals, revocations and
requests for cancellation. Which of these R-transactions is used
depends on the point in time in the processing chain at which the
R-transaction is initiated or sent, as well as on the party
initiating or sending it.

For credit transfers there are fewer types of R-transactions than
for direct debits as the latter involves significantly more complex
processes. To help straight-through processing (STP) of payment
transactions, it is important that all parties to the transactions
(payment service providers and companies initiating or receiving
bulk payment transactions) prepare their systems to prevent
R-transactions to the largest extent possible. Those companies that
regularly deal with R-transactions, for instance with direct debit
refunds, could even prepare their systems to handle R-transactions.
This would allow them to handle exceptions in a fully automatic way
and much faster than manually.

The exact definitions and usage rules of R-transactions are
described in the SEPA credit transfer and SEPA direct debit
rulebooks developed and maintained by the European Payments Council. Further
information can also be obtained from payment service providers or
from automated clearing houses processing SEPA transactions.

IBANs and BICs

How can a SEPA payment account be
identified?

The IBAN (International Bank Account Number) is the unique payment
account identifier for SEPA. The BIC (Business Identifier Code)
unambiguously identifies the payment service provider. By February
2014, the IBAN will be the sole payment account identifier for
national and cross-border credit transfers and direct debits in euro
within the EU (by 31 October 2016 for Member States with other
currencies than the euro).

Why do I have to use the IBAN to make SEPA
payments?

Regulation (EU) No 260/2012 requires the
use of certain common standards and technical requirements, among
them the International Bank Account Numbers (IBANs). The reason for
this being that common technical standards are needed to process
SEPA credit transfers and SEPA direct debits. They are also
necessary to allow interaction and interoperability between
different IT systems.

What is the BIC?

The Business Identifier Code or BIC is an international standard for
the identification of institutions within the financial services
industry. The International Organization for Standardization (ISO)
has designated SWIFT as the registration authority for
BIC.

Where can I find information on the IBAN
and the BIC for my own payment account?

Both are automatically provided by the payment service providers.
The IBAN and the BIC can often be found on individual payment
account statements, debit cards or in online banking applications.

Where can I find information on the IBAN
and the BIC for an account held by my business partner, for example?

The IBAN and the BIC can be found on any of the business documents
you receive from your business partner, for instance, on the
invoice, but also on the letter head or footer of a letter as well
as on their business website. This information must be supplied by
the payment recipient to the person making the payment. In order to
ensure that the information is made available to customers,
Regulation (EC) No 924/2009, Article 4, requires that bank
statements show the customer’s IBAN and (where applicable) the BIC
and that they provide this information on demand and free of charge.
Similarly, invoices must show this information in order to
facilitate SEPA credit transfers.

However, this service does not provide information as to whether
this IBAN (meaning the associated account) actually exists.

Is there a central European list of all
IBANs?

No, there is not.

What happens if I misspell or mistype an
IBAN?

Every IBAN includes a unique check digit that protects users from
making such mistakes.

SEPA direct debit

What is the difference between “core” and
“B2B” SEPA direct debits?

Core SEPA direct debits (SDDs) can be used by
anyone, both by consumers and businesses. Services and products
based on the business-to-business (B2B) SDD scheme
are only available to businesses, the payer cannot be a consumer,
and the payer (a business) is not entitled to obtain any refunds for
an authorised transaction.

What is a SEPA direct debit mandate?

A SEPA direct debit mandate is the expression of consent and
authorisation given by the payer (e.g. consumer) to the payee (e.g.
a telecom provider or insurance company) and to the payer’s payment
service provider (e.g. a bank) to enable the payee to initiate a
debit from the payer’s specified payment account and to enable the
payer’s payment service provider to comply with such instruction.

The mandate document must contain a series of mandatory data
elements that are deemed necessary to identify the SEPA direct debit
transaction: the unique mandate reference, the payer’s name and
address, the IBAN (and the BIC, if necessary), the creditor’s name
and unique identifier, the type of payment, the date of signature
and the payer’s signature. It must be clearly stated that it is a
SEPA direct debit mandate. There are no specific requirements
regarding the layout to be used.

Which language should be used for the text
of a SEPA mandate?

The text of a SEPA mandate should be written in at least one and
up to three of the languages of the country of residence of the
payer. If the payee is not able to determine the language of the
payer, the text of the SEPA mandate should be written in English.

The mandate reference is a unique combination of up to 35
alphanumeric characters chosen by the payee. It is a reference
number given to each SEPA direct debit mandate received, ensuring
that all direct debits based on this particular mandate can be
identified. The unique mandate reference is part of the required data elements that the payee needs
to provide in order to initiate a SEPA direct debit.

What is the mandate dematerialisation?

Mandate dematerialisation is the conversion of the data from a
paper-based signed mandate to an electronic format.

What if legacy mandates are already in
existence? Will it be necessary to obtain new SEPA mandates in order
to be able to make SEPA direct debits in the future?

Regulation (EU) No 260/2012 stipulates that
existing direct debit mandates that were issued before 1 February
2014 will remain valid after the migration end date when making core
SEPA direct debit payments.

Do mandates need to be validated or signed
by the payer’s payment service provider?

No. The mandate is an agreement between the creditor and the
debtor and does not require any post-validation by a payment service
provider.

What is the creditor identifier?

The creditor identifier was created in the SEPA direct debit
scheme to enable payers and their payment service providers to
return to the payee (creditor) for refunds, to make complaints and
to check the existence of a mandate upon presentation of a
collection by the payee. These procedures require a unique
identifier for the payees, such that each creditor identifier only
refers to one payee.

Is there a European central list of all
creditor identifiers?

No, there is not. The individual SEPA countries have their own
specific domestic procedures for providing unique creditor
identifiers to payees in SEPA direct debit schemes. The European
Payments Council provides an overview of the characteristics of creditor
identifiers and their provision in each SEPA country.

Can a creditor use a single creditor
identifier in any SEPA country?

The European Payments Council states that a creditor (payee) is
free to use one or more creditor identifiers for the initiation of
collections in any SEPA country. If a creditor should move its
account from one payment service provider in one country to another
payment service provider in another country, the existing creditor
identifier should be retained; otherwise all mandates in the market
would need to be amended for the next collection.

How much time does the payer have to
request a refund vis-à-vis a SEPA direct debit paid from his/her
account?

In the core SEPA direct debit scheme, the consumer may request a
refund for a period of 8 weeks after the date of
the debit of the account if the SEPA direct debit was authorised (see also à SEPA direct debit mandate). Unauthorised core SEPA direct debits can be returned by consumers for a period of 13 months.

Requests for refunds in the business-to-business SEPA direct debit scheme, however, are not permitted for
authorised transactions.

Can consumers easily stop payments by SEPA
direct debits from their accounts?

Yes, at any point in time a payer/consumer may instruct the
payee/creditor not to make SEPA direct debits anymore by revoking
the SEPA direct debit mandate previously given. Furthermore, the
payer may instruct its payment service provider to block any
incoming direct debits initiated by a specific creditor.

Consumers may also make use of other blocking options: they are
entitled to instruct their payment service providers to limit a SEPA
direct debit to a certain amount and/or frequency. They can also
block all SEPA direct debits on their accounts (full blocking
option) or only those SEPA direct debits initiated by specified
payees (black-listing option). It is also possible to authorise SEPA
direct debits only if they are initiated by one or more
pre-specified payees (white-listing option).

Is it still possible to initiate
business-to-business SEPA direct debits if the counterparty is
self-employed?

Yes, business-to-business SEPA direct debits can be used for
payments between companies and/or self-employed persons.
Self-employed persons should be individuals who perform an economic
or professional activity (i.e. not consumers).

If a creditor has debtors in several
different countries, will it be possible to send all SEPA direct
debits in the same message file?

Yes, SEPA direct debits (or SEPA credit transfers, respectively)
can be sent together in a single file using the ISO 20022 XML
format, regardless of the locations of the euro payment accounts to
be debited.

What is the execution time cycle of a SEPA
direct debit collection?

The execution time cycle of a SEPA direct debit varies according
to the type of payment operation:

If the direct debit is the first in a series of recurrent debits
or a one-off debit, the payer’s bank must receive the collection
from the payee’s bank, at the latest, five interbank business days
before the due date of the collection (D-5).

If the debit is a subsequent debit in a series of recurrent
debits, the payer’s bank must receive the collection from the
payee’s bank, at the latest, two interbank business days before the
due date of the collection (D-2).

In addition to this, there is also an option for an even shorter
execution time cycle of only one interbank business day (D-1), which
is being implemented as a main option in Spain (October 2013) and in
Germany (November 2013).

As a creditor, what data do I need to
provide my payment service provider with in order to initiate a SEPA
direct debit?

In order to initiate a SEPA direct debit, a creditor
is required to provide his/her payment service provider with:

the type of direct debit (recurrent, one-off, first, last or
reversal);

the payee’s name;

the IBAN of the payee’s payment account to be credited;

where available, the payer’s name;

the IBAN of the payer’s payment account to be debited;

the unique mandate reference;

the amount of the debit (if the payer’s mandate is given after
the date on which it was signed);

the unique mandate reference as provided by the original payee
who issued the mandate (if the mandate was taken on by a payee
other than the payee who issued the mandate);

the payee’s identifier;

the creditor identifier of the original payee who issued the
mandate (if the mandate was taken on by a payee other than the
payee who issued the mandate);

Is it possible to issue electronically
signed SEPA direct debit mandates via the internet?

As a creditor, you should ask your payment service provider which
variants of electronic mandates it accepts as part of your
contractual agreement on SEPA direct debit (SDD) collections, and
what the benefits, costs and risks of these variants are for you as
a creditor. Information on national requirements relating to the
legal validity of SDD mandates can be requested from the national
competent authorities (see the list of national competent authorities).

The choice of the mandate arrangements for SEPA direct debits is
important both from a workflow and from a risk perspective. An
electronic mandate is usually easy to set up, fast in transmission
and low in cost (since it does not need to be printed, signed and
returned in paper form). However, depending on the individual
circumstances an electronic mandate issued via the internet could
also provide less evidence in case of disputes. The identity of the
payer is not always fully verified. Verification can, for instance,
be ensured by strong customer authentication (especially for new
customers). Furthermore, it may be necessary to check whether the
payer’s account for which the SDD mandate is issued really exists
and whether the customer is actually the holder. This can, for
instance, be confirmed by the payment service provider of the
payer’s account (e.g. the consumer’s bank).

It is important for creditors to be aware that the burden of proof
will lie with them if the payer disputes the authorisation of the
SEPA direct debit after a collection. The creditor should be able to
prove that a valid mandate for the collection was actually received.
Otherwise the collection would be categorised as unauthorised, in
which case the payer has a legal right to obtain a refund up to 13
months after the collection (rather than up to eight weeks, the
interval within which an unconditional refund can be obtained for
legally valid mandates). Proving validity in the event of a dispute
can be especially difficult for creditors in the case of
cross-border transactions, owing to potential differences in the
applicable law. A user-friendly pan-European solution for proof-safe
electronic mandates via the internet has not yet been established.

The SecuRe Pay Forum (consisting of supervisors and overseers in
Europe dealing with the security of retail payments, such as
internet payments) recommends that payment service providers
apply as of 1 February 2015 strong customer authentication when
issuing an electronic mandate.

The European Payments Council (EPC) has developed the concept of an
operating model for electronic mandates that is based on qualified
digital signatures and on the involvement of the payer’s and the
creditor’s payment service providers. The EPC made it clear that it does not prohibit
other types of electronic mandate solution for the SDD; it should
however be understood that other types of electronic mandate
solution – although legally valid – sometimes do not provide the
creditor with full certainty that the direct debit is authorised by
the payer.

In many countries, creditors use models for electronic mandates
without the involvement of the payer’s or the creditor’s payment
service providers. These models can continue to be used for SEPA
direct debits under certain conditions (e.g. the German authorities
explicitly
confirmed the continuing possibility of
such practices in Germany, based on the individual contractual
agreement between creditor and payment service provider). However,
such a practice has implications for the creditor’s risk exposure:
if the creditor cannot prove (in the event of a dispute) that the
electronic mandate was really authorised by the payer holding the
account, the payer has the right to obtain a refund up to 13 months
after the collection.

The establishment of a user-friendly pan-European solution for
proof-safe electronic mandates for SEPA direct debits could help
reduce the risk of such practices for the creditor.

Two European legal acts are of relevance for SEPA direct
debit mandates:

The establishment of a user-friendly pan-European solution for
proof-safe electronic mandates for SEPA direct debits could help
reduce the risk of such practices for the creditor.

SEPA credit transfers

Do I need to complete new forms for SEPA
credit transfers?

Yes, the forms for a SEPA credit transfer do need to contain
specific data elements, for instance, the IBAN of
the payee’s payment account. Such forms (electronic and paper) are
provided by the payment service providers.

What is the execution time cycle for a SEPA
credit transfer?

Since 1 January 2012, the Payment Services Directive has obligated
all payment service providers to adhere to strict time limits in the execution of payments
(“D+1”). A SEPA credit transfer must be credited to the account of
the payee, at the latest, one business day after receipt of the
credit transfer instruction by the payer’s payment service provider.
If the instruction is given on paper, the maximum execution period
can be extended by one additional business day.

What can I do if I initiated an incorrect
SEPA credit transfer?

In accordance with the operational rules of SEPA credit transfers,
an incorrect credit transfer can either be cancelled or recalled
under certain conditions. If a payer has initiated an incorrect SEPA
credit transfer, he/she must inform his/her payment service provider
as soon as possible. The provider is entitled to charge its customer
for the cancellation or recall procedures. It should also be noted
in this context that a payer’s service provider cannot be made
responsible for the defective execution of a SEPA credit transfer if
the payer transmitted the wrong International Bank Account Number
(IBAN).

What data do I need to provide my payment
service provider with in order to initiate a SEPA credit transfer?

In order to initiate a SEPA credit transfer, the
payer is required to provide his/her payment service provider with:

FAQ notice: Please refer to the official legislation and original texts of the scheme rules for exact application. Unless otherwise indicated, the information given refers to the provisions generally applied in the euro area. Other timelines or differentrequirements and rules may apply in certain individual countries and in Member States with other currencies than the euro.